Lucene search
+L

215 matches found

Cvelist
Cvelist
added 2022/04/04 7:46 p.m.29 views

CVE-2022-1185

A denial of service vulnerability when rendering RDoc files in GitLab CE/EE versions 10 to 14.7.7, 14.8.0 to 14.8.5, and 14.9.0 to 14.9.2 allows an attacker to crash the GitLab web application with a maliciously crafted RDoc file...

6.5CVSS6.5AI score0.01277EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2022/04/04 12:0 a.m.2 views

PT-2022-13699 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 10 through 14.7.7 GitLab CE/EE versions 14.8.0 through 14.8.5 GitLab CE/EE versions 14.9.0 through 14.9.2 Description: A denial of service issue occurs when rendering RDoc files, allowing an attacker to crash the GitLab...

6.5CVSS6.3AI score0.01277EPSS
Exploits0References12
CNNVD
CNNVD
added 2022/04/01 12:0 a.m.7 views

GitLab 缓冲区错误漏洞

GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD continuous integration and continuous delivery, and other features. A buffer error vulnerability exists in GitLab CE/EE that allows an attacker to...

6.5CVSS7.4AI score0.01277EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2022/03/09 12:0 a.m.41 views

Oracle Linux 8 : ELSA-2022-0672-1: / ruby:2.5 (ELSA-2022-06721)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-06721 advisory. - Properly fix command injection vulnerability in Rdoc. Related: CVE-2021-31799 - Fix command injection vulnerability in RDoc. Resolves: CVE-2021-3179...

7.4CVSS7.1AI score0.0305EPSS
Exploits2References4
Oracle linux
Oracle linux
added 2022/03/08 12:0 a.m.61 views

ruby:2.5 security update

ruby 2.5.9-109.0.1 - Rebuild with a dependency containing fix for Orabug: 33921593 2.5.9-109 - Properly fix command injection vulnerability in Rdoc. Related: CVE-2021-31799 2.5.9-108 - Fix command injection vulnerability in RDoc. Resolves: CVE-2021-31799 - Fix StartTLS stripping vulnerability in...

7.4CVSS1.2AI score0.0305EPSS
Exploits2
RedHat Linux
RedHat Linux
added 2022/02/28 7:0 p.m.90 views

Important: Red Hat Security Advisory: rh-ruby26-ruby security, bug fix, and enhancement update

An update for rh-ruby26-ruby is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabili...

9.3CVSS6.6AI score0.06307EPSS
Exploits5References8
RedHat Linux
RedHat Linux
added 2022/02/28 7:0 p.m.6 views

rubygem-rdoc: Command injection vulnerability in RDoc

An operating system command injection flaw was found in RDoc. Using the rdoc command to generate documentation for a malicious Ruby source code could lead to execution of arbitrary commands with the privileges of the user running rdoc...

7CVSS7.5AI score0.0148EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2022/02/24 3:40 p.m.7 views

rubygem-rdoc: Command injection vulnerability in RDoc

An operating system command injection flaw was found in RDoc. Using the rdoc command to generate documentation for a malicious Ruby source code could lead to execution of arbitrary commands with the privileges of the user running rdoc...

7CVSS7.5AI score0.0148EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2022/02/24 12:0 a.m.36 views

RHEL 8 : ruby:2.5 (RHSA-2022:0672)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:0672 advisory. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system...

7.4CVSS7.3AI score0.0305EPSS
Exploits2References9
Tenable Nessus
Tenable Nessus
added 2022/02/23 12:0 a.m.29 views

EulerOS 2.0 SP3 : ruby (EulerOS-SA-2022-1187)

According to the versions of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In RDoc 3.11 through 6.x before 6.3.1, as distributed with Ruby through 3.0.1, it is possible to execute arbitrary code via | and tags in a...

7CVSS7.6AI score0.0148EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2022/02/21 9:4 a.m.11 views

rubygem-rdoc: Command injection vulnerability in RDoc

An operating system command injection flaw was found in RDoc. Using the rdoc command to generate documentation for a malicious Ruby source code could lead to execution of arbitrary commands with the privileges of the user running rdoc...

7CVSS7.5AI score0.0148EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2022/02/21 8:55 a.m.4 views

rubygem-rdoc: Command injection vulnerability in RDoc

An operating system command injection flaw was found in RDoc. Using the rdoc command to generate documentation for a malicious Ruby source code could lead to execution of arbitrary commands with the privileges of the user running rdoc...

7CVSS7.5AI score0.0148EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2022/02/17 12:0 a.m.111 views

RHEL 8 : ruby:2.6 (RHSA-2022:0543)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:0543 advisory. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system...

9.3CVSS7.3AI score0.06307EPSS
Exploits5References15
RedHat Linux
RedHat Linux
added 2022/02/16 11:39 a.m.64 views

Important: Red Hat Security Advisory: ruby:2.6 security update

An update for the ruby:2.6 module is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

9.3CVSS6.6AI score0.06307EPSS
Exploits5References8
RedHat Linux
RedHat Linux
added 2022/02/16 11:39 a.m.7 views

rubygem-rdoc: Command injection vulnerability in RDoc

An operating system command injection flaw was found in RDoc. Using the rdoc command to generate documentation for a malicious Ruby source code could lead to execution of arbitrary commands with the privileges of the user running rdoc...

7CVSS7.5AI score0.0148EPSS
Exploits0References5
OSV
OSV
added 2022/02/16 8:26 a.m.23 views

RLSA-2022:0543 Important: ruby:2.6 security update

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fixes: rubygem-bundler: Dependencies of gems with explicit source may be installed from a different source CVE-2020-36327 rubygem-rdoc:...

8.8CVSS8AI score0.06307EPSS
Exploits5References7
Rockylinux
Rockylinux
added 2022/02/16 8:26 a.m.59 views

ruby:2.6 security update

An update is available for rubygem-bson, rubygem-mysql2, ruby, rubygem-mongo, rubygem-pg, rubygem-abrt. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Ruby is a...

9.3CVSS7.9AI score0.06307EPSS
Exploits5
Tenable Nessus
Tenable Nessus
added 2022/02/13 12:0 a.m.47 views

EulerOS Virtualization 3.0.6.0 : ruby (EulerOS-SA-2022-1093)

According to the versions of the ruby packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In RDoc 3.11 through 6.x before 6.3.1, as distributed with Ruby through 3.0.1, it is possible to execute arbitrary code via | and...

7.4CVSS7.5AI score0.0305EPSS
Exploits2References4
OpenVAS
OpenVAS
added 2022/02/13 12:0 a.m.26 views

Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2022-1144)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.4CVSS7.6AI score0.02909EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2022/02/12 12:0 a.m.37 views

EulerOS Virtualization 3.0.6.6 : ruby (EulerOS-SA-2022-1144)

According to the versions of the ruby packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In RDoc 3.11 through 6.x before 6.3.1, as distributed with Ruby through 3.0.1, it is possible to execute arbitrary code via | and...

7.4CVSS7.4AI score0.02909EPSS
Exploits1References3
Rows per page
Query Builder